since today I have an error during “apt update” on an ubuntu 20.04 system. I saw some new instructions on apt.syncthing.net and followed them. However, this error remains:
Fehl:15 https://apt.syncthing.net syncthing Release
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake:
I got the newest gpg file, just moments ago, so I guess the file is out-of-date…
The certificates look correct to me now, but there are apparently issues with openssl compatibility on some hosts, and possible outdated local certificate stores.
To connect to LE-certified sites from clients with old openssl 1.0 (example: apt/wget in debian 8/debian 9) you need to remove expired certificate from your machine.
#dpkg-reconfigure ca-certificates
Then “Yes”. Deselect “mozilla/DST_Root_CA_X3.crt”! “Ok”.